CN108629182A - Vulnerability detection method and vulnerability detection device - Google Patents


Publication number: CN108629182A
Authority: CN (China)
Prior art keywords: file, service server, path, compressed, compressed file
Legal status: Granted, Active
Application number: CN201710171009.2A
Other languages: Chinese (zh)
Other versions: CN108629182B (en)
Inventors: 王放, 胡珀, 郑兴, 郭晶, 张强, 范宇河, 唐文韬, 杨勇
Current Assignee: Tencent Technology Shenzhen Co Ltd
Original Assignee: Tencent Technology Shenzhen Co Ltd

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562 Static detection
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577 Assessing vulnerabilities and evaluating computer system security


Abstract

The present invention provides a vulnerability detection method comprising: setting a compressed-package file scanning plug-in on a service server according to the type of compressed file; receiving the file paths of compressed files of the corresponding type that the service server obtains with the compressed-package file scanning plug-in; determining, from the file path of a compressed file, at least one file detection path for that compressed file; and using the file detection path to test the service server for a compressed file leakage vulnerability. The invention also provides a vulnerability detection device. By using the compressed-package file scanning plug-in on the service server to test the service server for compressed file leakage vulnerabilities, the vulnerability detection method and vulnerability detection device of the invention shorten vulnerability scan time and improve vulnerability scan efficiency.

Description

Vulnerability detection method and vulnerability detection device
Technical field
The present invention relates to the Internet field, and in particular to a vulnerability detection method and a vulnerability detection device.
Background
For website operation and maintenance purposes, a large number of compressed-package backup files are often stored on website servers. These files usually contain sensitive information such as the website source code, database backup files and administrator account passwords. Once such files are downloaded by external hackers, the website may suffer fatal damage; the exposure of these files on a website is therefore called a compressed file leakage vulnerability.
Existing compressed file leakage detection methods use black-box scanning, that is, dictionary assembly: the scanner traverses the common compressed-package file names recorded in a dictionary and combines them with specific compressed-package suffixes such as "rar", "zip", "tar" and "tar.gz". When the website has a compressed file leakage vulnerability, it returns the corresponding compressed-package file; when it does not, it returns a not-found message (that is, a 404 message) or other status information.
This way of detecting compressed file leakage vulnerabilities has the following drawbacks:
First, the method relies on dictionary assembly. Because scanning speed depends on dictionary size, a scanner generally spends about 30% of its time on dictionary traversal, so the method consumes a large amount of time.
Second, because the file name of a compressed package may not appear in the dictionary, the method may miss files, and its scanning detection effect is poor.
Summary of the invention
Embodiments of the present invention provide a vulnerability detection method and a vulnerability detection device with a short scan time and higher scanning detection efficiency, to solve the technical problem that existing vulnerability detection methods and devices have an overly long vulnerability scan time and a poor scanning detection effect.
An embodiment of the present invention provides a vulnerability detection method comprising:
setting a compressed-package file scanning plug-in on a service server according to the type of compressed file;
receiving the file paths of compressed files of the corresponding type that the service server obtains with the compressed-package file scanning plug-in;
determining, from the file path of a compressed file, at least one file detection path for that compressed file; and
using the file detection path to test the service server for a compressed file leakage vulnerability.
An embodiment of the present invention also provides a vulnerability detection device comprising:
a scanning plug-in setup module, for setting a compressed-package file scanning plug-in on a service server according to the type of compressed file;
a file path receiving module, for receiving the file paths of compressed files of the corresponding type that the service server obtains with the compressed-package file scanning plug-in;
a file detection path determination module, for determining, from the file path of a compressed file, at least one file detection path for that compressed file; and
a vulnerability detection module, for using the file detection path to test the service server for a compressed file leakage vulnerability.
Compared with the prior art, the vulnerability detection method and vulnerability detection device of the invention use the compressed-package file scanning plug-in on the service server to test the service server for compressed file leakage vulnerabilities, which shortens vulnerability scan time and improves vulnerability scan efficiency. This solves the technical problem that existing vulnerability detection methods and devices have an overly long vulnerability scan time and a poor scanning detection effect.
Brief description of the drawings
Fig. 1 is a flow chart of the first embodiment of the vulnerability detection method of the present invention;
Fig. 2 is a flow chart of the second embodiment of the vulnerability detection method of the present invention;
Fig. 3 is a flow chart of step S203 of the second embodiment of the vulnerability detection method of the present invention;
Fig. 4 is a flow chart of step S204 of the second embodiment of the vulnerability detection method of the present invention;
Fig. 5 is a structural diagram of the first embodiment of the vulnerability detection device of the present invention;
Fig. 6 is a structural diagram of the second embodiment of the vulnerability detection device of the present invention;
Fig. 7 is a structural diagram of the service server corresponding to the second embodiment of the vulnerability detection device of the present invention;
Fig. 8 is a structural diagram of the file detection path determination module of the second embodiment of the vulnerability detection device of the present invention;
Fig. 9 is a structural diagram of the vulnerability detection module of the second embodiment of the vulnerability detection device of the present invention;
Fig. 10 is a structural diagram of the vulnerability detection server and the service server in a specific embodiment of the vulnerability detection method and vulnerability detection device of the present invention;
Fig. 11 is a detection flow chart of a specific embodiment of the vulnerability detection method and vulnerability detection device of the present invention;
Fig. 12 is a structural diagram of the working environment of the electronic device in which the vulnerability detection device of the present invention is located.
Detailed description
Referring to the drawings, in which like reference numerals denote like components, the principles of the present invention are illustrated as implemented in a suitable computing environment. The following description is based on the illustrated specific embodiments of the invention and should not be regarded as limiting other specific embodiments not detailed herein.
In the following description, specific embodiments of the invention are described with reference to steps and symbols of operations performed by one or more computers, unless otherwise stated. It will therefore be understood that these steps and operations, which are at times referred to as being computer-executed, include the manipulation by the computer's processing unit of electronic signals representing data in a structured form. This manipulation transforms the data or maintains it at locations in the computer's memory system, which reconfigures or otherwise alters the operation of the computer in a manner familiar to those skilled in the art. The data structures in which the data is maintained are physical locations of the memory that have particular properties defined by the data format. However, although the principles of the invention are described in the above terms, this is not meant as a limitation; those skilled in the art will appreciate that the steps and operations described below may also be implemented in hardware.
The vulnerability detection method and vulnerability detection device of the present invention may be provided in various electronic devices used to detect vulnerabilities in service servers, including but not limited to wearable devices, head-mounted devices, medical and health platforms, personal computers, server computers, handheld or laptop devices, mobile devices (such as mobile phones, personal digital assistants (PDAs), media players and the like), multiprocessor systems, consumer electronic devices, minicomputers, mainframe computers, distributed computing environments that include any of the above systems or devices, and so on. The electronic device is preferably a vulnerability detection server that performs vulnerability detection on service servers. The electronic device of the invention uses the compressed-package file scanning plug-in on the service server to perform compressed file leakage vulnerability detection on the service server, which shortens vulnerability scan time and improves vulnerability scan efficiency.
Refer to Fig. 1, which is a flow chart of the first embodiment of the vulnerability detection method of the present invention. The vulnerability detection method of this embodiment can be implemented with the electronic device described above, and the vulnerability detection method of this preferred embodiment includes:
Step S101: set a compressed-package file scanning plug-in on the service server according to the type of compressed file;
Step S102: receive the file paths of compressed files of the corresponding type that the service server obtains with the compressed-package file scanning plug-in;
Step S103: determine, from the file path of a compressed file, at least one file detection path for that compressed file;
Step S104: use the file detection path to test the service server for a compressed file leakage vulnerability.
The detailed process of each step of the vulnerability detection method of this preferred embodiment is described below.
In step S101, the vulnerability detection server obtains the file type of the compressed file, such as compressed files of the rar type, compressed files of the zip type or compressed files of the tar type.
The vulnerability detection server then sets the corresponding compressed-package file scanning plug-in on the service server according to the file type of the compressed file. Each service server can then use the plug-in to scan itself for compressed files of the specified type; because each service server scans only itself, scanning is fast and efficient. The service server then obtains, from the scan, the file paths of compressed files of the corresponding type, so that the vulnerability detection server can use these file paths to perform vulnerability detection on the corresponding compressed files. The method then proceeds to step S102.
In step S102, the vulnerability detection server receives the file paths of compressed files of the corresponding type that the service server obtains with the compressed-package file plug-in. The method then proceeds to step S103.
In step S103, the vulnerability detection server determines at least one file detection path for each compressed file from the file paths of the compressed files received in step S102.
Here the file path of a compressed file is the address of the compressed file on the corresponding service server; it is not an externally accessible address of the compressed file. The vulnerability detection server therefore needs to parse this file path to obtain the possible externally accessible addresses of the compressed file, that is, the file detection paths.
Because the way the file detection path is set up may differ between compressed files, for example the parent directory or the grandparent directory of the compressed file may be mapped to the corresponding website home page address, one compressed file may have several file detection addresses. All possible file detection paths of the compressed file can therefore be generated here from its file path. The method then proceeds to step S104.
In step S104, the vulnerability detection server uses the file detection paths obtained in step S103 to test the corresponding compressed file on the service server for a compressed file leakage vulnerability. Here the vulnerability detection server can test the file paths of the compressed files returned in step S102 one by one; if it detects that the service server has returned the corresponding compressed file, it determines that the service server has a compressed file leakage vulnerability.
This completes the compressed file leakage vulnerability detection process of the vulnerability detection method of this preferred embodiment.
The vulnerability detection method of this preferred embodiment uses the compressed-package file scanning plug-in on the service server to test the service server for compressed file leakage vulnerabilities, which shortens vulnerability scan time and improves vulnerability scan efficiency.
Refer to Fig. 2, which is a flow chart of the second embodiment of the vulnerability detection method of the present invention. The vulnerability detection method of this embodiment can be implemented with the electronic device described above, and the vulnerability detection method of this preferred embodiment includes:
Step S201: set a compressed-package file scanning plug-in on the service server according to the type of compressed file;
Step S202: receive the file paths of compressed files of the corresponding type that the service server obtains with the compressed-package file scanning plug-in, together with the external network address of the service server;
Step S203: determine, from the file path of a compressed file and the external network address of the corresponding service server, at least one file detection path for that compressed file;
Step S204: use the file detection path to test the service server for a compressed file leakage vulnerability.
The detailed process of each step of the vulnerability detection method of this preferred embodiment is described below.
In step S201, the vulnerability detection server obtains the file type of the compressed file, such as compressed files of the rar type, compressed files of the zip type or compressed files of the tar type.
The vulnerability detection server then sets the corresponding compressed-package file scanning plug-in on the service server according to the file type of the compressed file. Each service server can then use the plug-in to scan itself for compressed files of the specified type. The method then proceeds to step S202.
In step S202, the service server scans with the compressed-package file scanning plug-in to obtain the file paths of compressed files of the corresponding type. Specifically:
The service server first uses the compressed-package file scanning plug-in to scan for compressed files of the type set on the service server.
Here the service server can adjust the scanning speed of the scan operation according to its own resource usage, so that the scan does not affect the other business access operations of the service server.
The service server then obtains the file paths of compressed files of the corresponding type from the result of the scan operation.
The service server then returns the file paths of the compressed files and its own external network address to the vulnerability detection server; that is, the vulnerability detection server receives the file paths of compressed files of the corresponding type that the service server obtains with the compressed-package file plug-in, together with the external network address of the service server. Here the external network address is the address through which the service server is accessed from the external network. The method then proceeds to step S203.
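An added example, not part of the patent text, of the service-server side of step S202: a suffix-based scan of the server's own file tree that slows down as load rises. The function names, the per-CPU load-average metric and the 0.7 threshold are assumptions; the patent only states that scan speed is adjusted to resource usage.

```python
import os
import tempfile
import time
from typing import Callable, Iterable, List

# Archive types the plug-in is configured for (the page names rar, zip, tar, tar.gz).
ARCHIVE_SUFFIXES = (".rar", ".zip", ".tar", ".tar.gz")


def is_archive(name: str, suffixes: Iterable[str] = ARCHIVE_SUFFIXES) -> bool:
    """Case-insensitive suffix match; also covers compound suffixes such as .tar.gz."""
    lowered = name.lower()
    return any(lowered.endswith(s) for s in suffixes)


def current_load() -> float:
    """1-minute load average per CPU (assumed metric); 0.0 where it is unavailable."""
    try:
        return os.getloadavg()[0] / (os.cpu_count() or 1)
    except (AttributeError, OSError):
        return 0.0


def pause_for(load: float, busy_at: float = 0.7, max_pause: float = 0.5) -> float:
    """Seconds to wait after each directory: 0 below busy_at, rising
    linearly to max_pause at a load of 1.0 and capped there (busy_at < 1.0)."""
    if load <= busy_at:
        return 0.0
    return min(max_pause, max_pause * (load - busy_at) / (1.0 - busy_at))


def scan_archives(
    root: str,
    suffixes: Iterable[str] = ARCHIVE_SUFFIXES,
    load_fn: Callable[[], float] = current_load,
    sleep_fn: Callable[[float], None] = time.sleep,
) -> List[str]:
    """Walk root without following symlinks and return the sorted paths of all
    files whose name matches one of the configured archive suffixes."""
    suffixes = tuple(suffixes)
    found: List[str] = []
    for dirpath, _dirnames, filenames in os.walk(root, followlinks=False):
        for name in filenames:
            if is_archive(name, suffixes):
                found.append(os.path.join(dirpath, name))
        delay = pause_for(load_fn())  # throttle so business traffic is not starved
        if delay:
            sleep_fn(delay)
    return sorted(found)


if __name__ == "__main__":
    # Constructed sample tree, so the example runs without touching real data.
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "html", "c"))
        for rel in ("html/c/xx.zip", "html/index.html"):
            open(os.path.join(root, rel), "wb").close()
        for path in scan_archives(root):
            print(path)
```

The returned paths are what the service server would send back, with its external network address, to the vulnerability detection server.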
In step S203, the vulnerability detection server obtains the file path of a compressed file and the external network address of the corresponding service server, and from these determines at least one file detection path for that compressed file. The vulnerability detection server can then use the external network address and the file detection paths to perform compressed file leakage vulnerability detection on the service server. Testing through the external network address better simulates how an external network user accesses the service server.
Specifically, refer to Fig. 3, which is a flow chart of step S203 of the second embodiment of the vulnerability detection method of the present invention. Step S203 includes:
Step S301: the vulnerability detection server determines the file sub-paths at each level of the compressed file from its file path. Each directory level of the compressed file may be mapped to the corresponding website home page address. For example, if the file path of the compressed file is 10.1.1.3/data/www/xx.com/html/c/xx.zip, where 10.1.1.3 is the intranet IP of the service server, the file sub-paths at each level of the compressed file are:
/data/www/xx.com/html/c/xx.zip;
/www/xx.com/html/c/xx.zip;
/xx.com/html/c/xx.zip;
/html/c/xx.zip;
/c/xx.zip; and
/xx.zip.
Step S302: the vulnerability detection server determines at least one file detection path for the compressed file from the file sub-paths at each level obtained in step S301 and the external network address of the corresponding service server. If the external network address of the service server is a.xx.com, the file detection paths obtained for the compressed file in step S302 are:
http://a.xx.com/data/www/xx.com/html/c/xx.zip;
http://a.xx.com/www/xx.com/html/c/xx.zip;
http://a.xx.com/xx.com/html/c/xx.zip;
http://a.xx.com/html/c/xx.zip;
http://a.xx.com/c/xx.zip; and
http://a.xx.com/xx.zip.
The method then proceeds to step S204.
In step S204, the vulnerability detection server uses the file detection paths obtained in step S203 to test, over the external network, the corresponding compressed file on the service server for a compressed file leakage vulnerability. Specifically, refer to Fig. 4, which is a flow chart of step S204 of the second embodiment of the vulnerability detection method of the present invention. Step S204 includes:
Step S401: the vulnerability detection server accesses the service server using a file detection path obtained in step S203;
Step S402: the vulnerability detection server judges whether the service server returns the corresponding compressed file; if it does, the method proceeds to step S403; if it does not, the method proceeds to step S404.
Step S403: because the service server returns the corresponding compressed file, the vulnerability detection server determines that the service server has a compressed file leakage vulnerability for that compressed file.
Step S404: because the service server does not return the corresponding compressed file, the vulnerability detection server replaces the file detection path used in step S401 and returns to step S401, until all file detection paths of all compressed files have been tested, and then proceeds to step S405.
Specifically, if the service server returns a not-found message, that is, a 404 page status, the vulnerability detection server determines that the service server has not returned the corresponding compressed file.
In addition, besides a genuine 404 page status, the service server may be configured to use another page in place of the 404 page; that is, the service server may return a pseudo-404 page status. Therefore, before performing vulnerability detection on the service server, the vulnerability detection server can first send an information detection request to the service server, for example a request for a file that does not exist on the service server, to obtain the service server's not-found message, that is, its 404 page status or pseudo-404 page status. The vulnerability detection server can then determine whether the service server has returned the corresponding compressed file by judging whether the response is the 404 page status or pseudo-404 page status.
Step S405: the vulnerability detection server determines that the service server has no compressed file leakage vulnerability for that compressed file.
Specifically, the vulnerability detection server can first access the service server using the file detection path http://a.xx.com/data/www/xx.com/html/c/xx.zip; if the service server does not return the corresponding compressed file, it then accesses the service server using the file detection path http://a.xx.com/www/xx.com/html/c/xx.zip, and so on until all file detection paths of the compressed file have been tested, at which point it determines that the service server has no compressed file leakage vulnerability for that compressed file.
If the service server returns the corresponding compressed file for any of the above file detection paths, the service server is determined to have a compressed file leakage vulnerability for that compressed file.
Here the vulnerability detection server can test the file paths of the compressed files returned in step S202 one by one; if it detects that the service server has returned the corresponding compressed file, it determines that the service server has a compressed file leakage vulnerability for that compressed file.
This completes the compressed file leakage vulnerability detection process of the vulnerability detection method of this preferred embodiment.
On the basis of the first preferred embodiment, the vulnerability detection method of this preferred embodiment further improves the effectiveness of the vulnerability scan by obtaining the external network address of the service server. Determining multiple file detection paths from the file sub-paths at each level reduces the probability of missed detections. In addition, obtaining the service server's not-found message in advance further improves the effectiveness of the vulnerability scan.
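An added example, not part of the patent text, of steps S301-S302 and S401-S405 using the page's own sample path and address. The function names, the body-hash comparison against the not-found baseline and the magic-byte check are assumptions; `fake_server` is a constructed stand-in for a service server so the example runs offline.

```python
import hashlib
import urllib.error
import urllib.request
import uuid
from typing import Callable, Dict, List, NamedTuple, Optional, Tuple
from urllib.parse import quote


class Response(NamedTuple):
    status: int
    body: bytes  # the first few hundred bytes are enough


Fetch = Callable[[str], Response]

# (offset, signature) for zip, rar, gzip and tar; the tar magic sits at offset 257.
MAGIC = ((0, b"PK\x03\x04"), (0, b"Rar!\x1a\x07"), (0, b"\x1f\x8b"), (257, b"ustar"))


def sub_paths(file_path: str) -> List[str]:
    """Step S301: every trailing sub-path, longest first. Input without a leading
    '/' is treated as '<intranet-ip>/path', the form used on the page."""
    if not file_path.startswith("/"):
        file_path = "/" + file_path.partition("/")[2]
    parts = [p for p in file_path.split("/") if p]
    return ["/" + "/".join(parts[i:]) for i in range(len(parts))]


def detection_urls(file_path: str, external_host: str, scheme: str = "http") -> List[str]:
    """Step S302: prefix each sub-path with the external network address."""
    return [f"{scheme}://{external_host}{quote(p)}" for p in sub_paths(file_path)]


def fingerprint(r: Response) -> Tuple[int, str]:
    return r.status, hashlib.sha256(r.body).hexdigest()


def not_found_baseline(external_host: str, fetch: Fetch, scheme: str = "http") -> Tuple[int, str]:
    """Request a file that cannot exist to learn the 404 or pseudo-404 answer."""
    return fingerprint(fetch(f"{scheme}://{external_host}/{uuid.uuid4().hex}.zip"))


def looks_like_archive(body: bytes) -> bool:
    return any(body[off:off + len(sig)] == sig for off, sig in MAGIC)


def serves_archive(r: Response, baseline: Tuple[int, str]) -> bool:
    """Step S402: a real 404, or a reply identical to the baseline, is 'not returned'.
    Exact-hash matching is a simplification; the magic-byte check also rejects
    pseudo-404 pages whose body varies per request."""
    if r.status == 404 or fingerprint(r) == baseline:
        return False
    return r.status == 200 and looks_like_archive(r.body)


def check_leak(file_path: str, external_host: str, fetch: Fetch) -> Optional[str]:
    """Steps S401-S405: try each detection path in turn; return the first URL
    that serves the archive (S403) or None when all are exhausted (S405)."""
    baseline = not_found_baseline(external_host, fetch)
    for url in detection_urls(file_path, external_host):
        if serves_archive(fetch(url), baseline):
            return url
    return None


def http_fetch(url: str, timeout: float = 5.0, limit: int = 512) -> Response:
    """Fetch for use against your own service server; reads only the first bytes."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return Response(resp.status, resp.read(limit))
    except urllib.error.HTTPError as err:
        return Response(err.code, err.read(limit))


def fake_server(exposed: Dict[str, bytes]) -> Fetch:
    """Constructed stand-in: unknown URLs get a pseudo-404 page with status 200."""
    def fetch(url: str) -> Response:
        if url in exposed:
            return Response(200, exposed[url])
        return Response(200, b"<html>Sorry, page not found</html>")
    return fetch


if __name__ == "__main__":
    path = "10.1.1.3/data/www/xx.com/html/c/xx.zip"  # sample path from the page
    # Constructed case: /data/www/xx.com/html is the web root, so /c/xx.zip is served.
    fetch = fake_server({"http://a.xx.com/c/xx.zip": b"PK\x03\x04" + b"\x00" * 26})
    print(check_leak(path, "a.xx.com", fetch))
```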
The present invention also provides a vulnerability detection device. Refer to Fig. 5, which is a structural diagram of the first embodiment of the vulnerability detection device of the present invention. The vulnerability detection device of this embodiment can be implemented using the first embodiment of the vulnerability detection method described above. The vulnerability detection device 50 of this embodiment includes a scanning plug-in setup module 51, a file path receiving module 52, a file detection path determination module 53 and a vulnerability detection module 54.
The scanning plug-in setup module 51 is used to set a compressed-package file scanning plug-in on the service server according to the type of compressed file; the file path receiving module 52 is used to receive the file paths of compressed files of the corresponding type that the service server obtains with the compressed-package file scanning plug-in; the file detection path determination module 53 is used to determine, from the file path of a compressed file, at least one file detection path for that compressed file; the vulnerability detection module 54 is used to test the service server for a compressed file leakage vulnerability using the file detection path.
When the vulnerability detection device 50 of this preferred embodiment is in use, the scanning plug-in setup module 51 first obtains the file type of the compressed file, such as compressed files of the rar type, compressed files of the zip type or compressed files of the tar type.
The scanning plug-in setup module 51 then sets the corresponding compressed-package file scanning plug-in on the service server according to the file type of the compressed file. Each service server can then use the plug-in to scan itself for compressed files of the specified type; because each service server scans only itself, scanning is fast and efficient. The service server then obtains, from the scan, the file paths of compressed files of the corresponding type, so that the vulnerability detection server 50 can use these file paths to perform vulnerability detection on the corresponding compressed files.
The file path receiving module 52 then receives the file paths of compressed files of the corresponding type that the service server obtains with the compressed-package file plug-in.
The file detection path determination module 53 then determines at least one file detection path for each compressed file from the file paths of the compressed files received by the file path receiving module 52.
Here the file path of a compressed file is the address of the compressed file on the corresponding service server; it is not an externally accessible address of the compressed file. The file detection path determination module 53 therefore needs to parse this file path to obtain the possible externally accessible addresses of the compressed file, that is, the file detection paths.
Because the way the file detection path is set up may differ between compressed files, for example the parent directory or the grandparent directory of the compressed file may be mapped to the corresponding website home page address, one compressed file may have several file detection addresses. All possible file detection paths of the compressed file can therefore be generated here from its file path.
Finally, the vulnerability detection module 54 uses the file detection paths obtained by the file detection path determination module 53 to test the corresponding compressed file on the service server for a compressed file leakage vulnerability. Here the vulnerability detection module can test the file paths of the compressed files returned by the file path receiving module one by one; if it detects that the service server has returned the corresponding compressed file, it determines that the service server has a compressed file leakage vulnerability.
This completes the compressed file leakage vulnerability detection process of the vulnerability detection device 50 of this preferred embodiment.
The vulnerability detection device of this preferred embodiment uses the compressed-package file scanning plug-in on the service server to test the service server for compressed file leakage vulnerabilities, which shortens vulnerability scan time and improves vulnerability scan efficiency.
Fig. 6 is please referred to, Fig. 6 is the structural schematic diagram of the second embodiment of the Hole Detection device of the present invention.The present embodiment Hole Detection device the second embodiment of above-mentioned leak detection method can be used to be implemented, the Hole Detection of the present embodiment Device 60 includes scanning plug-in unit setup module 61, file path receiving module 62, file detection path determination module 63, outer entoilage Location receiving module 64, Hole Detection module 65 and infomation detection request sending module 66.
Scanning plug-in unit setup module 61 on service server according to the type of compressed file for being arranged compressed package files Scan plug-in unit;File path receiving module 62 is used to receive service server and scans the correspondence that plug-in unit obtains according to compressed package files The file path of the compressed file of type;Outer net address receiving module 64 is used to receive the service server of service server return Outer net address;File detects path determination module 63 and is used to be taken according to the file path of a compressed file and corresponding business The outer net address of business device determines that at least one file of corresponding compressed file detects path;Hole Detection module 65 is for using File detects path and carries out the detection that compressed file reveals loophole to service server;Infomation detection request sending module 66 is used for Infomation detection request is sent to service server, the server to obtain service server can not echo message.
Referring to Fig. 7, Fig. 7 is a structural schematic diagram of the service server corresponding to the second embodiment of the vulnerability detection device of the present invention. The service server 70 includes a scan module 71, a file path return module 72 and a scan adjustment module 73.
The scan module 71 is used to scan, with the compressed package file scanning plug-in, for compressed files of the corresponding type located on the service server. The file path return module 72 is used to obtain and return the file paths of compressed files of the corresponding type according to the result of the scan operation. The scan adjustment module 73 is used to adjust the scan rate of the scan operation according to the resource usage of the service server.
Referring to Fig. 8, Fig. 8 is a structural schematic diagram of the file detection path determination module of the second embodiment of the vulnerability detection device of the present invention. The file detection path determination module 63 includes a file sub-path determination unit 81 and a file detection path determination unit 82.
The file sub-path determination unit 81 is used to determine the file sub-paths at each level of a compressed file according to the file path of that compressed file. The file detection path determination unit 82 is used to determine at least one file detection path for the compressed file from its file sub-paths at each level and the external network address of the corresponding service server.
Referring to Fig. 9, Fig. 9 is a structural schematic diagram of the vulnerability detection module of the second embodiment of the vulnerability detection device of the present invention. The vulnerability detection module 65 includes an access unit 91, a judging unit 92, a first vulnerability determination unit 93, a file detection path replacement unit 94 and a second vulnerability determination unit 95.
The access unit 91 is used to access the service server using a file detection path. The judging unit 92 is used to judge whether the service server returns the corresponding compressed file. The first vulnerability determination unit 93 is used to determine, if the service server returns the corresponding compressed file, that the service server has the compressed-file leak vulnerability corresponding to that compressed file. The file detection path replacement unit 94 is used to replace the file detection path if the service server does not return the corresponding compressed file. The second vulnerability determination unit 95 is used to determine that the service server does not have the compressed-file leak vulnerability corresponding to the compressed file.
When the vulnerability detection device 60 of this preferred embodiment is in use, the scanning plug-in setup module 61 first obtains the file types of the compressed files, such as compressed files of the rar type, the zip type or the tar type.
The scanning plug-in setup module 61 then sets up the corresponding compressed package file scanning plug-in on the service server 70 according to the file type of the compressed file. In this way each service server 70 can use the compressed package file scanning plug-in to scan for compressed files of the specified types on itself.
The service server 70 then scans with the compressed package file scanning plug-in to obtain the file paths of compressed files of the corresponding type. Specifically:
The scan module 71 of the service server 70 uses the compressed package file scanning plug-in to scan for compressed files of the corresponding compression type located on the service server 70.
Here the scan adjustment module 73 of the service server 70 can adjust the scan rate of the scan operation according to the resource usage of the service server, so that the scan operation does not interfere with the other business accesses handled by the service server 70.
The file path return module 72 of the service server 70 then obtains the file paths of compressed files of the corresponding type according to the result of the scan operation.
The file path return module 72 then returns the file paths of these compressed files and the external network address of the service server to the vulnerability detection server 60. That is, the file path receiving module 62 receives the file paths of compressed files of the corresponding type that the service server 70 obtained with the compressed package file scanning plug-in, and the external network address receiving module 64 receives the external network address of the service server 70 returned by the service server 70. The external network address here is the address through which the service server 70 is accessed from an external network.
The file detection path determination module 63 then takes the file path of a compressed file and the external network address of the corresponding service server 70, and from them determines at least one file detection path for that compressed file. The vulnerability detection server 60 can then use the external network address, by way of the file detection paths, to detect compressed-file leak vulnerabilities on the service server 70. Detecting through the external network address better simulates the way external network users access the service server.
Specifically:
The file sub-path determination unit 81 of the file detection path determination module 63 determines the file sub-paths at each level of a compressed file according to the file path of that compressed file. Any directory level of the compressed file's path may be mapped to the home page address of the corresponding site, so the sub-path at every level has to be considered. For example, if the file path of the compressed file is 10.1.1.3/data/www/xx.com/html/c/xx.zip, where 10.1.1.3 is the intranet IP of the service server 70, then the file sub-paths at each level of the compressed file are:
/data/www/xx.com/html/c/xx.zip;
/www/xx.com/html/c/xx.zip;
/xx.com/html/c/xx.zip;
/html/c/xx.zip;
/c/xx.zip; and
/xx.zip.
The file detection path determination unit 82 of the file detection path determination module 63 determines at least one file detection path for the compressed file from the file sub-paths at each level obtained by the file sub-path determination unit 81 and the external network address of the corresponding service server 70. For example, if the external network address of the service server 70 is a.xx.com, the file detection paths that the file detection path determination unit 82 obtains for the compressed file are:
http://a.xx.com/data/www/xx.com/html/c/xx.zip;
http://a.xx.com/www/xx.com/html/c/xx.zip;
http://a.xx.com/xx.com/html/c/xx.zip;
http://a.xx.com/html/c/xx.zip;
http://a.xx.com/c/xx.zip; and
http://a.xx.com/xx.zip.
The vulnerability detection module 65 then uses the file detection paths obtained by the file detection path determination module 63 to detect, over the external network, whether the corresponding compressed file on the service server has a compressed-file leak vulnerability. Specifically:
The access unit 91 of the vulnerability detection module 65 accesses the service server 70 using a file detection path obtained by the file detection path determination module 63;
The judging unit 92 of the vulnerability detection module 65 judges whether the service server 70 returns the corresponding compressed file;
If the corresponding compressed file is returned, the first vulnerability determination unit 93 of the vulnerability detection module 65 determines that the service server 70 has the compressed-file leak vulnerability corresponding to that compressed file.
If the corresponding compressed file is not returned, the file detection path replacement unit 94 of the vulnerability detection module 65 replaces the file detection path used by the access unit 91, until all the file detection paths corresponding to all compressed files have been checked.
Specifically, if the service server 70 returns server-cannot-respond information, that is, the service server returns a 404 page status, the judging unit 92 determines that the service server 70 has not returned the corresponding compressed file.
The service server 70 may have a genuine 404 page status, but it may also be configured to serve some other page in place of the 404 page, that is, the service server 70 may have a pseudo-404 page status. Therefore, before vulnerability detection is performed on the service server 70, the information detection request sending module 66 can first send an information detection request to the service server 70, for example a request for a file that does not exist on the service server 70, to obtain that server's cannot-respond information, that is, the 404 page status or pseudo-404 page status of the service server 70. The judging unit 92 can then determine whether the service server 70 has returned the corresponding compressed file by judging whether the service server 70 returns the 404 page status or the pseudo-404 page status.
Once all file detection paths have been checked without the file being returned, the second vulnerability determination unit 95 of the vulnerability detection module 65 determines that the service server does not have the compressed-file leak vulnerability corresponding to the compressed file.
Specifically, the vulnerability detection module 65 can first access the service server 70 using the file detection path http://a.xx.com/data/www/xx.com/html/c/xx.zip. If the service server does not return the corresponding compressed file, it then accesses the service server using the file detection path http://a.xx.com/www/xx.com/html/c/xx.zip, and so on until all the file detection paths corresponding to the compressed file have been checked, at which point the vulnerability detection module 65 judges that the service server 70 does not have the compressed-file leak vulnerability corresponding to that compressed file.
If the service server 70 returns the corresponding compressed file for any one of the above file detection paths, the vulnerability detection module 65 judges that the service server 70 has the compressed-file leak vulnerability corresponding to that compressed file.
Here the vulnerability detection module 65 can check, one by one, the file paths of the compressed files returned to the file path receiving module 62. If it detects that the service server 70 has returned the corresponding compressed file, it judges that the service server 70 has the compressed-file leak vulnerability corresponding to that compressed file.
This completes the compressed-file leak vulnerability detection process of the vulnerability detection device 60 of this preferred embodiment.
Building on the first preferred embodiment, the vulnerability detection device of this preferred embodiment further improves the validity of the vulnerability detection scan by obtaining the external network address of the service server. It also determines multiple file detection paths from the file sub-paths at each level, which reduces the probability of a missed detection. In addition, obtaining the service server's cannot-respond information in advance further improves the validity of the vulnerability detection scan.
The specific working principle of the vulnerability detection method and vulnerability detection device of the present invention is illustrated below through a specific embodiment. Referring to Figure 10 and Figure 11, Figure 10 is a structural schematic diagram of the vulnerability detection server and the service servers in the specific embodiment of the vulnerability detection method and vulnerability detection device of the present invention, and Figure 11 is the detection flow chart of that specific embodiment. The vulnerability detection device in this specific embodiment is the vulnerability detection server 101, which performs compressed-file leak vulnerability detection on multiple service servers 102 at the same time. The process by which the vulnerability detection server 101 of this specific embodiment performs compressed-file leak vulnerability detection on the multiple service servers 102 includes:
Step S1101: based on the compressed-file types set by the user, such as compressed files with the suffixes .zip, .rar, .tar, .tar.gz, .7z, .bak and .tar.bz2, the vulnerability detection server sets up a compressed package file scanning plug-in on each service server.
Step S1102: the service server uses the compressed package file scanning plug-in to scan for local compressed files of the above types and obtains the file paths of the compressed files of the corresponding types.
Step S1103: the service server returns the file paths of these compressed files, together with the internal and external network IP addresses of the service server, to the vulnerability detection server in the form of a list.
Step S1104: the vulnerability detection server performs compressed-file leak vulnerability detection on the service server according to the file paths of the compressed files and the internal and external network IP addresses of the corresponding service server.
Specifically: suppose the service server with internal network IP address 10.1.1.3 collects a compressed file whose file path is "/data/www/xx.com/html/c/xx.zip".
The vulnerability detection server can first look up the external network IP address or domain name corresponding to that service server, for example "a.xx.com". It can then combine the domain name and the file path into the file detection path "http://a.xx.com/data/www/xx.com/html/c/xx.zip".
The vulnerability detection server then accesses this file detection path and judges whether the service server returns the corresponding compressed file "xx.zip". If the service server returns a 404 status page, the compressed file cannot be reached through this file detection path, and the vulnerability detection server goes on to the other file detection paths for the compressed file: "http://a.xx.com/www/xx.com/html/c/xx.zip", "http://a.xx.com/xx.com/html/c/xx.zip", …… "http://a.xx.com/xx.zip". If the compressed file "xx.zip" cannot be reached through any of these file detection paths, the vulnerability detection server judges that the service server does not have the compressed-file leak vulnerability corresponding to that compressed file. If the compressed file "xx.zip" can be reached through any one of these file detection paths, the vulnerability detection server judges that the service server has the compressed-file leak vulnerability corresponding to that compressed file.
This completes the compressed-file leak vulnerability detection process of the vulnerability detection method and vulnerability detection device of this specific embodiment.
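The detection-server logic described in the second embodiment and in steps S1101 to S1104 above can be sketched as follows. This is an added example, not code from the patent: the names `Response`, `Fetch`, `sub_paths`, `detection_urls`, `not_found_baseline`, `find_exposed_url` and `make_fake_server` are assumptions, comparing status code and body hash is one possible way to recognise a pseudo-404 page, and the fake service server and archive bytes are constructed so the example runs offline.

```python
import hashlib
import uuid
from dataclasses import dataclass
from typing import Callable, List, Optional, Tuple


@dataclass(frozen=True)
class Response:
    status: int
    body: bytes


# Hypothetical transport: takes a URL, returns the server's Response.
Fetch = Callable[[str], Response]
Fingerprint = Tuple[int, str]


def sub_paths(file_path: str) -> List[str]:
    """File sub-paths at each level: every suffix of the on-disk path, longest first."""
    parts = [p for p in file_path.split("/") if p]
    return ["/" + "/".join(parts[i:]) for i in range(len(parts))]


def detection_urls(external_host: str, file_path: str) -> List[str]:
    """File detection paths: external address combined with each sub-path."""
    return [f"http://{external_host}{sp}" for sp in sub_paths(file_path)]


def fingerprint(resp: Response) -> Fingerprint:
    return resp.status, hashlib.sha256(resp.body).hexdigest()


def not_found_baseline(fetch: Fetch, external_host: str) -> Fingerprint:
    """Information detection request: ask for a file that cannot exist, so the
    server's 404 or pseudo-404 answer is known before any real check is made."""
    probe = f"http://{external_host}/{uuid.uuid4().hex}.zip"
    return fingerprint(fetch(probe))


def find_exposed_url(fetch: Fetch, external_host: str, file_path: str) -> Optional[str]:
    """Return the first detection URL that serves the archive, or None when every
    candidate answers with 404 or with the pseudo-404 baseline page."""
    baseline = not_found_baseline(fetch, external_host)
    for url in detection_urls(external_host, file_path):
        resp = fetch(url)
        if resp.status == 200 and fingerprint(resp) != baseline:
            return url
    return None


def make_fake_server(docroot: str, files_on_disk: dict, soft_404: bool) -> Fetch:
    """Constructed stand-in for a service server whose web root is `docroot`."""
    def fetch(url: str) -> Response:
        path = "/" + url.split("://", 1)[1].split("/", 1)[1]
        body = files_on_disk.get(docroot + path)
        if body is not None:
            return Response(200, body)
        if soft_404:
            # Pseudo-404: status 200 with a friendly error page.
            return Response(200, b"<html>Sorry, page not found</html>")
        return Response(404, b"Not Found")
    return fetch


if __name__ == "__main__":
    archive = "/data/www/xx.com/html/c/xx.zip"          # path reported by the plug-in
    server = make_fake_server("/data/www/xx.com/html",
                              {archive: b"PK\x03\x04 constructed archive bytes"},
                              soft_404=True)
    for candidate in detection_urls("a.xx.com", archive):
        print("candidate:", candidate)
    print("exposed at:", find_exposed_url(server, "a.xx.com", archive))
```

Without the baseline request, the pseudo-404 server in this sample would make every candidate look like a hit, because each one answers with status 200.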
The vulnerability detection method and vulnerability detection device of the present invention use the compressed package file scanning plug-in on the service server to detect compressed-file leak vulnerabilities on the service server, which shortens the time taken by a vulnerability detection scan and improves the efficiency of the scan. This solves the technical problem that existing vulnerability detection methods and vulnerability detection devices take too long to scan and give poor detection results.
The terms "component", "module", "system", "interface", "process" and the like, as used herein, are generally intended to refer to a computer-related entity: hardware, a combination of hardware and software, software, or software in execution. For example, a component may be, but is not limited to, a process running on a processor, a processor, an object, an executable application, a thread of execution, a program and/or a computer. By way of illustration, both an application running on a controller and the controller itself can be components. One or more components can reside within a process and/or thread of execution, and a component can be located on one computer and/or distributed between two or more computers.
Figure 12 and the following discussion provide a brief, general description of the working environment of the electronic device in which the vulnerability detection device of the present invention is implemented. The working environment of Figure 12 is only one example of a suitable working environment and is not intended to suggest any limitation as to the scope of use or functionality of the working environment. Example electronic devices 1212 include, but are not limited to, wearable devices, head-mounted devices, medical and health platforms, personal computers, server computers, hand-held or laptop devices, mobile devices (such as mobile phones, personal digital assistants (PDAs), media players and the like), multiprocessor systems, consumer electronic devices, minicomputers, mainframe computers, distributed computing environments that include any of the above systems or devices, and so on.
Although not required, embodiments are described in the general context of "computer-readable instructions" being executed by one or more electronic devices. Computer-readable instructions can be distributed via computer-readable media (discussed below). Computer-readable instructions can be implemented as program modules, such as functions, objects, application programming interfaces (APIs), data structures and the like, that perform particular tasks or implement particular abstract data types. Typically, the functionality of the computer-readable instructions can be combined or distributed as desired in various environments.
Figure 12 illustrates an example of an electronic device 1212 that includes one or more embodiments of the vulnerability detection device of the present invention. In one configuration, the electronic device 1212 includes at least one processing unit 1216 and a memory 1218. Depending on the exact configuration and type of the electronic device, the memory 1318 can be volatile (such as RAM), non-volatile (such as ROM or flash memory) or some combination of the two. This configuration is illustrated in Figure 12 by the dotted line 1214.
In other embodiments, the electronic device 1212 may include additional features and/or functionality. For example, the device 1212 may also include additional storage (for example removable and/or non-removable), including but not limited to magnetic storage, optical storage and the like. Such additional storage is illustrated in Figure 12 by the storage device 1220. In one embodiment, computer-readable instructions for implementing one or more embodiments provided herein can be in the storage device 1220. The storage device 1220 can also store other computer-readable instructions for implementing an operating system, application programs and the like. Computer-readable instructions can be loaded into the memory 1218 and executed by, for example, the processing unit 1216.
The term "computer-readable media" as used herein includes computer storage media. Computer storage media include volatile and non-volatile, removable and non-removable media implemented in any method or technology for storing information such as computer-readable instructions or other data. The memory 1218 and the storage device 1220 are examples of computer storage media. Computer storage media include, but are not limited to, RAM, ROM, EEPROM, flash memory or other memory technologies, CD-ROM, digital versatile discs (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium that can be used to store the desired information and that can be accessed by the electronic device 1212. Any such computer storage media can be part of the electronic device 1212.
The electronic device 1212 can also include a communication connection 1226 that allows the electronic device 1212 to communicate with other devices. The communication connection 1226 can include, but is not limited to, a modem, a network interface card (NIC), an integrated network interface, a radio-frequency transmitter/receiver, an infrared port, a USB connection or another interface for connecting the electronic device 1212 to other electronic devices. The communication connection 1226 can include a wired connection or a wireless connection. The communication connection 1226 can transmit and/or receive communication media.
The term "computer-readable media" can include communication media. Communication media typically embody computer-readable instructions or other data in a "modulated data signal" such as a carrier wave or other transport mechanism, and include any information delivery media. The term "modulated data signal" can include a signal that has one or more of its characteristics set or changed in such a manner as to encode information in the signal.
The electronic device 1212 can include an input device 1224, such as a keyboard, mouse, pen, voice input device, touch input device, infrared camera, video input device and/or any other input device. The device 1212 can also include an output device 1222, such as one or more displays, loudspeakers, printers and/or any other output device. The input device 1224 and the output device 1222 can be connected to the electronic device 1212 via a wired connection, a wireless connection or any combination thereof. In one embodiment, an input device or output device from another electronic device can be used as the input device 1224 or output device 1222 of the electronic device 1212.
The components of the electronic device 1212 can be connected by various interconnects, such as a bus. Such interconnects can include a Peripheral Component Interconnect (PCI) (such as PCI Express), a universal serial bus (USB), FireWire (IEEE 1394), an optical bus structure and so on. In another embodiment, the components of the electronic device 1212 can be interconnected by a network. For example, the memory 1218 can consist of multiple physical memory units located in different physical locations and interconnected by a network.
Those skilled in the art will recognise that the storage devices used to store computer-readable instructions can be distributed across a network. For example, an electronic device 1230 accessible via a network 1228 can store computer-readable instructions for implementing one or more embodiments provided by the present invention. The electronic device 1212 can access the electronic device 1230 and download part or all of the computer-readable instructions for execution. Alternatively, the electronic device 1212 can download pieces of the computer-readable instructions as needed, or some instructions can be executed at the electronic device 1212 and some at the electronic device 1230.
Various operations of embodiments are provided herein. In one embodiment, one or more of the operations can constitute computer-readable instructions stored on one or more computer-readable media which, when executed by an electronic device, cause the computing device to perform the operations. The order in which some or all of the operations are described should not be construed as implying that these operations are necessarily order-dependent. Those skilled in the art, having the benefit of this specification, will appreciate alternative orderings. Furthermore, it should be understood that not all operations are necessarily present in each embodiment provided herein.
Moreover, although the disclosure has been shown and described with respect to one or more implementations, equivalent alterations and modifications will occur to those skilled in the art based on a reading and understanding of this specification and the drawings. The disclosure includes all such modifications and alterations and is limited only by the scope of the following claims. In particular, with regard to the various functions performed by the above-described components (such as elements, resources and so on), the terms used to describe such components are intended to correspond, unless otherwise indicated, to any component that performs the specified function of the described component (that is, one that is functionally equivalent), even if it is not structurally equivalent to the disclosed structure that performs the function in the exemplary implementations of the disclosure illustrated herein. In addition, although a particular feature of the disclosure may have been disclosed with respect to only one of several implementations, such a feature can be combined with one or more other features of the other implementations as may be desired and advantageous for a given or particular application. Furthermore, to the extent that the terms "includes", "has", "contains" or variants thereof are used in the detailed description or the claims, such terms are intended to be inclusive in a manner similar to the term "comprising".
The functional units in the embodiments of the present invention can be integrated in one processing module, or each unit can exist physically on its own, or two or more units can be integrated in one module. The integrated module can be implemented in the form of hardware or in the form of a software functional module. If the integrated module is implemented in the form of a software functional module and is sold or used as an independent product, it can also be stored in a computer-readable storage medium. The storage medium mentioned above can be a read-only memory, a magnetic disk, an optical disc or the like. Each of the above devices or systems can execute the method in the corresponding method embodiment.
In conclusion, although the present invention has been disclosed above by way of embodiments, the serial numbers before the embodiments are used only for convenience of description and do not limit the order of the embodiments of the present invention. Moreover, the above embodiments are not intended to limit the present invention. Those of ordinary skill in the art can make various changes and refinements without departing from the spirit and scope of the present invention, so the scope of protection of the present invention is the scope defined by the claims.

Claims (13)

1. A vulnerability detection method, characterized by comprising:
setting up a compressed package file scanning plug-in on a service server according to the type of compressed file;
receiving the file paths of compressed files of the corresponding type that the service server obtains with the compressed package file scanning plug-in;
determining, according to the file path of a compressed file, at least one file detection path for that compressed file; and
using the file detection path to detect a compressed-file leak vulnerability on the service server.
2. The vulnerability detection method according to claim 1, characterized in that the step of obtaining the file paths of compressed files of the corresponding type with the compressed package file scanning plug-in comprises:
the service server using the compressed package file scanning plug-in to scan for compressed files of the corresponding type located on the service server; and
the service server obtaining and returning the file paths of the compressed files of the corresponding type according to the result of the scan operation.
3. The vulnerability detection method according to claim 1, characterized in that the vulnerability detection method further comprises:
receiving the external network address of the service server returned by the service server;
and the step of determining, according to the file path of a compressed file, at least one file detection path for that compressed file is:
determining at least one file detection path for the compressed file according to the file path of the compressed file and the external network address of the corresponding service server.
4. The vulnerability detection method according to claim 3, characterized in that the step of determining at least one file detection path for the compressed file according to the file path of the compressed file and the external network address of the corresponding service server comprises:
determining the file sub-paths at each level of the compressed file according to the file path of the compressed file; and
determining at least one file detection path for the compressed file using the file sub-paths at each level of the compressed file and the external network address of the corresponding service server.
5. The vulnerability detection method according to claim 1, characterized in that the step of using the file detection path to detect a compressed-file leak vulnerability on the service server comprises:
accessing the service server using a file detection path;
judging whether the service server returns the corresponding compressed file;
if the service server returns the corresponding compressed file, determining that the service server has the compressed-file leak vulnerability corresponding to the compressed file;
if the service server does not return the corresponding compressed file, replacing the file detection path and returning to the step of accessing the service server, until all the file detection paths corresponding to the compressed file have been checked; and
determining that the service server does not have the compressed-file leak vulnerability corresponding to the compressed file.
6. The vulnerability detection method according to claim 5, characterized in that, if the service server returns server-cannot-respond information, it is determined that the service server has not returned the corresponding compressed file.
7. The vulnerability detection method according to claim 6, characterized in that the vulnerability detection method comprises:
sending an information detection request to the service server to obtain the server-cannot-respond information of the service server.
8. The vulnerability detection method according to claim 2, characterized in that the step of the service server using the compressed package file scanning plug-in to scan for compressed files of the corresponding type located on the service server comprises:
the service server adjusting the scan rate of the scan operation according to the resource usage of the service server.
9. a kind of Hole Detection device, which is characterized in that including:
Plug-in unit setup module is scanned, is inserted for compressed package files scanning to be arranged on service server according to the type of compressed file Part;
File path receiving module scans pair that plug-in unit obtains for receiving the service server according to the compressed package files Answer the file path of the compressed file of type;
File detects path determination module, for the file path according to a compressed file, determines corresponding compressed file at least One file detects path;And
Hole Detection module reveals loophole for carrying out compressed file to the service server using file detection path Detection.
10. Hole Detection device according to claim 9, which is characterized in that the service server includes:
Scan module, for scanning plug-in unit to the corresponding types on the service server are arranged using the compressed package files Compressed file is scanned operation;And
File path returns to module, for the scanning result according to the scan operation, obtains and return the compression of corresponding types The file path of file.
11. Hole Detection device according to claim 9, which is characterized in that the Hole Detection device further includes:
Outer net address receiving module, the outer net address for receiving the service server that the service server returns;
The file detection path determination module is used for the file path according to a compressed file and corresponding service server Outer net address, determine that at least one file of corresponding compressed file detects path.
12. The vulnerability detection device according to claim 11, characterized in that the file detection path determination module comprises:
a file sub-path determination unit, configured to determine the file sub-paths at each level of the corresponding compressed file according to the file path of a compressed file; and
a file detection path determination unit, configured to determine at least one file detection path of the corresponding compressed file using the file sub-paths at each level of the compressed file and the external network address of the corresponding service server.
13. The vulnerability detection device according to claim 9, characterized in that the vulnerability detection module comprises:
an access unit, configured to access the service server using a file detection path;
a judging unit, configured to judge whether the service server returns the corresponding compressed file;
a first vulnerability determination unit, configured to determine, if the service server returns the corresponding compressed file, that the service server has a compressed file leakage vulnerability corresponding to the compressed file;
a file detection path replacement unit, configured to replace the file detection path if the service server does not return the corresponding compressed file; and
a second vulnerability determination unit, configured to determine that the service server does not have a compressed file leakage vulnerability corresponding to the compressed file.
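Claims 12 and 13 describe deriving candidate detection paths from a reported file path and trying them one after another. The sketch below is an added example, not code from the patent: it assumes that "sub-paths at each level" means successive suffixes of the local path and that a response counts as the file only when it is HTTP 200 and starts with the archive's magic bytes. The names `sub_paths`, `detection_urls`, `find_leak` and `fake_fetch` are hypothetical, and the server is a constructed in-memory stand-in at a documentation address.

```python
from pathlib import PurePosixPath
from typing import Callable, List, Optional, Tuple

# Leading bytes of common archive formats. Using them to decide that the
# response "is the compressed file" is an assumption of this example.
ARCHIVE_MAGIC = {".zip": b"PK\x03\x04", ".gz": b"\x1f\x8b", ".tgz": b"\x1f\x8b",
                 ".rar": b"Rar!", ".7z": b"7z\xbc\xaf\x27\x1c"}
Fetch = Callable[[str], Tuple[int, bytes]]  # url -> (status, first body bytes)


def sub_paths(file_path: str) -> List[str]:
    """Sub-paths at every level: drop leading directories one at a time."""
    parts = [p for p in PurePosixPath(file_path).parts if p != "/"]
    return ["/" + "/".join(parts[i:]) for i in range(len(parts))]


def detection_urls(file_path: str, external_address: str) -> List[str]:
    """Join each sub-path with the server's external network address."""
    base = external_address.rstrip("/")
    return [base + p for p in sub_paths(file_path)]


def find_leak(file_path: str, external_address: str, fetch: Fetch) -> Optional[str]:
    """Return the URL that serves the archive, or None if no candidate does."""
    magic = ARCHIVE_MAGIC.get(PurePosixPath(file_path).suffix.lower())
    if magic is None:
        return None  # unknown archive type: nothing to compare against
    for url in detection_urls(file_path, external_address):
        status, head = fetch(url)
        # A 200 alone is not enough: soft-404 pages also answer 200.
        if status == 200 and head.startswith(magic):
            return url  # server returned the file: leak confirmed
        # otherwise replace the detection path with the next candidate
    return None  # every candidate tried, no leak for this file


# Constructed stand-in for the service server: web root is /data/www/shop and
# every unknown path gets a 200 "not found" HTML page (soft 404).
_SERVED = {"http://203.0.113.10/backup/site.zip": b"PK\x03\x04\x14\x00"}


def fake_fetch(url: str) -> Tuple[int, bytes]:
    return 200, _SERVED.get(url, b"<html>Page not found</html>")


if __name__ == "__main__":
    for path in ("/data/www/shop/backup/site.zip", "/data/www/shop/private/db.zip"):
        print(path, "->", find_leak(path, "http://203.0.113.10", fake_fetch))
```

The magic-byte comparison is what keeps a server with soft-404 pages from being reported as leaking every archive the plug-in finds.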
CN201710171009.2A 2017-03-21 2017-03-21 Vulnerability detection method and vulnerability detection device Active CN108629182B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710171009.2A CN108629182B (en) 2017-03-21 2017-03-21 Vulnerability detection method and vulnerability detection device

Publications (2)

Publication Number Publication Date
CN108629182A true CN108629182A (en) 2018-10-09
CN108629182B CN108629182B (en) 2022-11-04

Family

ID=63706433

Country Status (1)

Country Link
CN (1) CN108629182B (en)

Also Published As

Publication number Publication date
CN108629182B (en) 2022-11-04

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant